fix: harden terminal action endpoints #25

Merged

MrSphay merged 3 commits from codex/issue-6-terminal-actions-hardening into codex/production-intelligence-terminal 2026-05-17 18:43:24 +00:00

Conversation 1 Commits 3 Files Changed 6 +189 -31

MrSphay commented 2026-05-17 12:15:18 +00:00

Owner

Copy Link

Addresses #6.\n\nChanges:\n- Adds a protected POST /api/action route for status, brief, and sweep actions.\n- Hardens POST /api/sweep and /api/action with same-origin POST checks, per-IP rate limiting, sanitized audit logs, and header/body token handling without URL query tokens.\n- Adds dashboard SET TOKEN flow using x-crucix-token plus Status/Sweep controls.\n- Documents private LAN, Pangolin-authenticated, and public internet exposure settings.\n\nValidation:\n- git diff --check (only Windows CRLF warnings).\n- Added runner-side regression coverage in test/fetch-utils.test.mjs.\n\nPer runner-only constraint, no local npm/node test run was executed.

Addresses #6.\n\nChanges:\n- Adds a protected POST /api/action route for status, brief, and sweep actions.\n- Hardens POST /api/sweep and /api/action with same-origin POST checks, per-IP rate limiting, sanitized audit logs, and header/body token handling without URL query tokens.\n- Adds dashboard SET TOKEN flow using x-crucix-token plus Status/Sweep controls.\n- Documents private LAN, Pangolin-authenticated, and public internet exposure settings.\n\nValidation:\n- git diff --check (only Windows CRLF warnings).\n- Added runner-side regression coverage in test/fetch-utils.test.mjs.\n\nPer runner-only constraint, no local npm/node test run was executed.

MrSphay added 1 commit 2026-05-17 12:22:36 +00:00

fix: harden terminal action endpoints d7df2e4aee

MrSphay force-pushed codex/issue-6-terminal-actions-hardening from 79f897f8ac to d7df2e4aee 2026-05-17 12:22:36 +00:00 Compare

MrSphay commented 2026-05-17 15:59:57 +00:00

Author

Owner

Copy Link

Anpassen.

Anpassen.

MrSphay added 1 commit 2026-05-17 18:33:52 +00:00

Merge remote-tracking branch 'origin/codex/production-intelligence-terminal' into codex/issue-6-terminal-actions-hardening ... 1423dca199

# Conflicts:
#	README.md
#	server.mjs
#	test/fetch-utils.test.mjs

MrSphay added 1 commit 2026-05-17 18:39:11 +00:00

Merge remote-tracking branch 'origin/codex/production-intelligence-terminal' into codex/issue-6-terminal-actions-hardening ... 09df127e06

# Conflicts:
#	test/fetch-utils.test.mjs

MrSphay merged commit e288881c41 into codex/production-intelligence-terminal 2026-05-17 18:43:24 +00:00

MrSphay deleted branch codex/issue-6-terminal-actions-hardening 2026-05-17 18:43:25 +00:00

MrSphay referenced this issue from a commit 2026-05-17 18:43:26 +00:00

Merge pull request 'fix: harden terminal action endpoints' (#25) from codex/issue-6-terminal-actions-hardening into codex/production-intelligence-terminal

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

design-revert

Reverts visual/design changes

enhancement

New feature or product improvement

frontend-redesign

Frontend redesign and app-shell/UI work

marketing-finalization

Product presentation, README, packaging metadata, and customer-facing communication.

product

User-facing product capability or workflow

research

Research-originated product idea ready for implementation design

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

MrSphay

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: MrSphay/intelligence-terminal#25